raw packets and iptables
Next message: Nico Kadel-Garcia: "Re: Openssh security"
Date: Sat, 27 Sep 2003 21:38:24 GMT
Is it possible to build and transmit raw packets that iptables would
otherwise drop on that box?
For example, if the default policy on OUTPUT is to drop, and there's no rule
to allow outbound on port 'X', is it possible to build and send a raw packet
from port 'X', and bypass iptables, or will iptables still drop it?
Thanks!
Next message: Nico Kadel-Garcia: "Re: Openssh security"
Relevant Pages
- Re: Iptables for Linux
... > some things you know you don't want (with a default-accept policy), ... With iptables you cannot set REJECT as default policy. ... You would have to explicitly ACCEPT and REJECT every single port (or port ... If you DROP and ACCEPT certain ports, scanners know you are firewalled. ...
(comp.security.firewalls) - Re: firewall ports not working
... > Chain FORWARD (policy ACCEPT) ... > multiport sports 20,25 ... Looks like it should allow traffic on port 25. ... iptables by running "service iptables stop" you are able to connect to ...
(Fedora) - Iptables blocking strange packets
... I've got iptables running on a machine that is multi-homed. ... chain has a default DROP policy. ... My question a about port 25 (SMTP). ...
(comp.os.linux.security) - Re: Iptables for Linux
... >> some things you know you don't want (with a default-accept policy), ... > With iptables you cannot set REJECT as default policy. ... > You would have to explicitly ACCEPT and REJECT every single port (or port ... Which should already be known as my prefered way of firewalling, ...
(comp.security.firewalls) - Re: IPTABLES configuration [help]
... You'll need port 20 also, unless you want to use FTP without the data transfer ... I really want to learn iptables better. ... Default policy: Deny. ... FORWARD table will have no rules beyond the default policy. ...
(comp.os.linux.security) |
|
